“Hello, I‘m definitely not calling from India. Can I take control of your PC?”

The Federal Trade Commission today announced a broad crackdown on scareware scammers accused of using an ancient technology—the telephone—to trick thousands of unsuspecting victims into handing over full access to their Windows PCs. By cold-calling victims and claiming to be from companies like Microsoft, Dell, and McAfee, the scammers directed users to a harmless error log on their computers and told them it was a sign of a serious infection, the FTC said. The alleged scammers went on to charge anywhere between $49 and $450 to "fix" the consumers' computers.

At a press conference announcing six lawsuits filed in US District Court in New York, FTC Chairman Jon Leibowitz said at least 2,400 people—and probably many more—were tricked in this manner. The FTC believes such scams have cost consumers tens of millions of dollars worldwide.

Like a bad Bollywood movie

The FTC played a phone call between one of the defendants and a female victim, who was actually a "highly skilled FTC investigator" playing the role of a clueless computer user. The defendant has an Indian accent, but calls were generally spoofed to appear to be coming from US phone numbers.

Defendant: OK, so now what you need to do, madam, you need to scroll down the page very slowly, very carefully from your end, and you need to just pull it down and tell me if you can see anything else other than the blue color information over there or not. And if you see anything else over there, let me know.

FTC agent: OK. Hold on, I'm doing that.

Defendant: Very careful, all right.

FTC agent. [Pauses]. Ummm, let's see. Oops! Hold on.

Defendant: Uh huh.

FTC agent: Umm, I see something that says "warning"? And something that says "error"?

Defendant: Jesus! Did you see some warnings?

FTC agent: Yeah it says…

Defendant: Hello?

FTC agent: Yeah it says "warning."

Defendant: Madam, it would be my humble request to you, please do not try to click on any of them, OK?

FTC agent: OK.

Defendant: And it would be my request that you keep your mouse pointed away from them, because they are the malicious online infections I was speaking about. Once you click on any of them your computer might even stop responding at any point in time. So be very careful, OK?

FTC agent: OK. I'm not touching the mouse!

Defendant: If you have already seen them this means your computer is also one of those computers which has been infected with the online infections, OK?

Leibowitz cut off the recording there, and said "At one level that's like a bad Bollywood movie. But at another level, that's a serious ripoff of consumers." Such scams have been going on for years, but the operations announced today were particularly widespread.

There were various methods the scammers used to get the users on the phone in the first place. In addition to cold-calling, one of the six defendants "purchased ads on Google, for search terms like McAfee, PC support, and fix MS Office, with pseudonyms and a toll-free number to call," Leibowitz said. The company, named PCCare247, allegedly paid Google more than $1 million for search ads going back to 2010. In one example, searching Google for "Contact McAfee Support" brought up the defendants' phone number and website.

Warning: Everything is working normally

The other five companies allegedly used "telemarketing boiler rooms" to make cold calls, including to people on the Do Not Call list. While mostly based in India, they targeted consumers in the US, Canada, Australia, Ireland, New Zealand, and the UK.

"Pretending to be affiliated with a major computer company, the defendants claimed to have received an automatic notification from the person's computer about a problem," Leibowitz said. "They used Voice over Internet Protocols to seem like they were calling from numbers in the consumer's country, sometimes in the same area code. They told their potential victims to go to their computer, look at a file that shows warning messages—actually these warning messages are just a standard part of the Windows operating system. The messages do not mean the computers are affected with viruses or any other malware."

The "warning messages" come from the Windows Event Viewer, which shows standard messages about the computer's operation. According to Microsoft, "an error is a significant problem, such as loss of data," while "a warning is an event that is not necessarily significant, but might indicate a possible future problem." Scammers allegedly lied to consumers, saying the messages meant hackers were in their computers, and even that their computers might "blow up."

The defendants are charged with "violating the FTC Act, which bars unfair and deceptive commercial practices, as well as the Telemarketing Sales Rule and with illegally calling numbers on the Do Not Call Registry," the FTC said. The FTC charged 14 corporate defendants and 17 individuals, and won a temporary restraining order to freeze $188,000 worth of assets and shut down their operations. This includes disabling Web hosting and phone service.

Microsoft and other computer companies helped the FTC in its investigation, as did authorities in Australia, Canada, and the UK. Canada and Australia also brought legal action against the defendants for violations of their Do Not Call laws.

The names of the corporate defendants charged by the FTC include Pecon Software, Finmaestros LLC, Zeal IT Solutions, Virtual PC Solutions, Lakshmi Infosoul Services, and PCCare247.

In the complaint against Pecon Software in India, the FTC said the scams have been going on since at least 2008. The complaint also describes how the scam unfolds after the users have been tricked into thinking their computers are infected. We quote at length:

Having convinced the consumers that their computers are in imminent danger, the Defendants then direct the consumers to a website and instruct them to enter a code or download a software application to allow the Defendants remote access to the consumers’ computers. Once the Defendants have remote access, they are able to completely control the consumers’ computers and can, for example, move the cursor, enter commands, run applications, and access stored information.

The Defendants then attempt to sell the consumer illusory long-term “security” or “technical support” services and perform unnecessary “repairs,” including installing otherwise free programs, such as trial versions of antivirus programs, and deleting the innocuous files they falsely claimed were viruses. The Defendants charge consumers for these services in an amount ranging from approximately $159 to $299.

The Defendants next direct the consumer to one of several websites they operate in order to pay for the computer security or technical support service. The Defendants’ websites are highly interactive. They purport to allow consumers to chat directly with representatives, leave their contact information to request a call-back, and also browse and pay for various services online. In numerous instances, the Defendants register their websites through privacy protection services that mask their true identity. As a result, consumers are unable to determine the true owner of the website or the fact that the same company operates multiple websites.

If consumers do not agree to pay for the service the Defendants typically apply pressure to the consumers. The Defendants will warn consumers about the harm that will come to their computers if they do not allow the Defendants remote access to fix the computers. Afterwards, the Defendants assert they have fixed the non-existent problems. In reality, Defendants merely charged consumers for repair products and services they did not need.

Tech-savvy Ars readers are unlikely to fall for such a scam. But if you have relatives and friends who lack the necessary dose of skepticism, and they receive unsolicited phone calls from people wanting to fix their computers, they should hang up and report the scam to the FTC or their PC security vendor.

While the scammers seem to just want money, Microsoft Director of Consumer Affairs Frank Torres said their tricks could easily be used for worse.

"What's worse is these scams not only cost victims money in terms of making consumers pay for something they don't really need, or that doesn't happen," Torres said. "But it could also compromise the security of their computers, leaving them vulnerable to malicious software and other attacks."

These have been going on like crazy in Australia for about three years. Everyone I know has received three or four calls "from Microsoft". Several family members who aren't tech-savvy have been scammed out of amounts between $50 and $300.

I decided to play along once, and they were surprisingly well-rehearsed. They asked me to open up event viewer, and asked me if I could see any errors. Of course there were some there - password authentication failures and the like.

They said these were critical issues, and had I been non-tech-savvy, the big red crosses would have probably been alarming - I would have thought "These technicians from Microsoft just called, and they knew I had these critical errors. It must be real".

At that point, they referred me to a technician, who would be willing to fix the errors for a "very small fee, we do this at cost price to keep your computer running well - it's a service offered by Microsoft". They asked for my credit card number and I just turned on Rick Astley and let them listen until they gave up.

I can seriously see how people fell for the scam. Some of the transcripts might be ridiculous, but the guy who called me was actually quite a professional con artist.

One of my clients fell for this scam. Unfortunately, he paid over $500 to the scammers. When he refused to pay any more, they actually locked the computer, told him he wouldn't be able to use his computer anymore, and hung up on him.

He brought the tower to me and when I booted Windows, it asked for a password before it even got to the login screen. I pulled the hard drive and ran several scans and wasn't able to find any malicious software, but I still couldn't get past that stupid password prompt. Safe mode still asked for it and so did the last known good configuration boot mode.

Finally, I pulled registry files from the Snapshot folder and replaced the ones in the Config folder. I hope this helps someone if they too are stuck with something like this.

I actually had one of these guys call me about 3 weeks ago. He gave his spiel saying he was from Microsoft and they have detected I have a virus on my computer and they are going to help me through the process of removing it for free. I said "Oh so you're those guys that make up that my computer has a problem, get full access to my PC, try to steal my personal information and try and charge me a fee in the end? I was just reading about you a couple months ago" His answer was "Oh yes sir, um sorry to bother you" And I replied well good luck finding an idiot and he said "Yes, lot's of idiots out there".

It was hilarious, the way I said the stuff earlier was in a jokingly coy manner not rudely, I guess he found it non threatening so he played a long a bit and said what he said.

I read an article after seeing this video of a recording of it happening.

In it he goes way beyond and tries to waste as much time of theirs as possible, I was inspired by it to try and make something of my call. You can also see they got complete access to his computer so could see everything on the screen and they were watching while he was entering his (false) credit card number. This could also be banking information and everything but they said that they could not see what was going on which was a lie as they were in share screen.

Supposedly these types were actual former employees of one of Microsoft's "Gold" tech support providers i.e ones that have MS's seal of approval called Comantra. They took what they learned about customer service calls working for Microsoft and set their own scam tech support companies using their learned believability and protocol to fool people into giving people access to their PC's remotely and getting money out of them for unneeded work.

I do not understand why people are bashing the "ignorant". We are just as likely to be swindled in fields we are not aware of. The real issue is the fact that they have gotten away with this and are bold enough to curse people without fear. As an Indian I find it sad that some people have resorted to this. The fact that they seem to invest huge sums of money is all the more worrying. The governments on both sides should work together to snuff this terrible practice!

I got called by them. I played stupid and tried to follow their directions on a Linux box. After about fifteen minutes of playing with them I told them that I was with the FBI and was conducting a sting on telephone scammers. I asked for his full name and his manager's name. Then he hung up.

Totally worth it.

Next time tell them you've already traced the call and know who's in the building but if he cooperates then you can get him a plea bargain. If you're lucky he won't hang up and will give you any details you like

I had never heard of this scam until recently. My Aunt died in July and we were clearing our her flat. The phone goes and a lady on the end proceeded to tell me that they'd noticed some strange activity on my aunts computer over the past couple of days. Seeing as she'd been dead for 2 weeks and her laptop was at my house with the hard drive removed I found that intriguing.I wasn't in the mood for games so I hung up and thought nothing more of it other than an obvious scam. I had no idea it was such a big thing.

I've several calls like this in the UK; the problem is there's no good way to report things like that, filing a complaint takes ages and is unlikely to go anywhere because the numbers they call from are rarely the same.

Not to seem racist but I swear the calls have even been from the same guy, supposedly named "Chris", who doesn't seem to understand the concept of a household with nothing but Macs (and a Linux box).

A side effect of this is that I've now been trained to hang up on anyone with an Indian accent.The first couple of years of this I hoped that _some_ of them were calling about something important.It's now come to the point where if it's my landline, and an Indian accent, they don't get past 'Hello, may I speak to a Mr XY' 'No' *click*...well, if it's important, they'll call back, right?

Mitsubishi doesn't call, say your engine is about to fall out, bring it to us and we'll fix it.Just because you're old, doesn't mean you're stupid. If you fall for this when you're old, you probably would've fallen for it as a younger person. Old people tend to be less patient, not more gulible.

Just out of curiosity, have you ever heard of a Recall? And in fact, the local Ford dealer did call my mother when her Truck had a recall. So while in the case of a recall they more often contact you by mail, they can and sometimes do contact you by phone.

Blaming old people for being "gullible" and "careless" for being victimized by such scams is tantamount to blaming children when they get victimized by a pedophile. A little empathy and compassion will go a much longer way.

My mom got taken by a company called G-Tech. Their remote control software looked busy for half an hour then they called back and asked her to check that everything was working OK. I can only assume they were selling it to the point of getting away without her ever knowing that she was scammed.Fortunately, she gave them the wrong account number so they didn't get paid that time.She called me (the family tech support guy) and a quick Google search revealed the scam. I couldn't find any malware on her machine. The only thing I found amiss is that the restore points from before their "fix" all failed. I backed everything up and reinstalled from scratch. I wonder now if I shouldn't have wiped the disk first.

For years the American Association of Retired Persons has been spreading the gospel of not giving account info to people who call you. If that hasn't stopped this scam I don't know what will.

Did nobody research that this whole scam generates out of Kolkata in India? ALL of the mentioned companies are originating from Kolkata! The defendants are all from Kolkata! And the websites are ALL still active as of Oct. 4th 2012. So much for a toothless injunction from the FTC.....

Did nobody research that this whole scam generates out of Kolkata in India? ALL of the mentioned companies are originating from Kolkata! The defendants are all from Kolkata! And the websites are ALL still active as of Oct. 4th 2012. So much for a toothless injunction from the FTC.....

Well realistically, short of a cruise missile or predator strike what exactly do you expect the US Government to do? It's a foreign country, sure the State Dept can put pressure on the Indian Government to stop this kind of crap, but they may not be breaking any laws in India.

However, my favorite is internet service providings, where a guy pranks the unsuspecting victim and tries to get them to switch internet service providings to a better internet service provider to provide better internet service providings.

Mitsubishi doesn't call, say your engine is about to fall out, bring it to us and we'll fix it.Just because you're old, doesn't mean you're stupid. If you fall for this when you're old, you probably would've fallen for it as a younger person. Old people tend to be less patient, not more gulible.

Just out of curiosity, have you ever heard of a Recall? And in fact, the local Ford dealer did call my mother when her Truck had a recall. So while in the case of a recall they more often contact you by mail, they can and sometimes do contact you by phone.

Not even mail about recalls can be trusted. I've gotten mail about recalls, extended warranty purchase options, all kinds of things. At casual glance, they appear to be from the auto manufacter. An important notice of some kind. But upon close examination, you realize Ford or whomever would put their company logo and return address on the envelope.

Not scams, exactly, since I'm sure they do offer some kind of service. But I definitely think they're predatory.

I find it unfortunate how ignorant some of you people are. You accuse these people as being "gullible" and stupid yet it is you who have no comprehension of the plight of today's elderly (the main targets of these scams) who are increasingly being encouraged/required to use new technologies yet given little, if any, help before they get into trouble. Have you such a limited concept of human beings that you can't conceive of anyone that thinks differently than you do and as such may be quite innocently susceptible to problems that you find humorously simple to resolve? So often it is those who point and laugh that are the truly ignorant. Do you know what empathy is?

Old people can learn to live in the real world just as easy as any of the rest of us. Hell, since most of them are retired, they have nothing but time to devote to learning more and improving their skills. It's what I'd do. Whether they want to, or not, isn't what's being argued. They have the ability to improve themselves, if they choose not to exercise it then they'll continue to be preyed upon.

You must not be aquainted with the fact that as one ages one's mental faculties decline naturally. That should be a fun suprise for you. If you notice, of course. Now where did I put my checkbook...

Actually unless you have some kind of dease or disorder that is not true. The brain does not deteriate like the body and your senses and mental faculties get sharper. This is what leads to the confusion. You are able to accept more information and processing it all can be daunting. The big issue is most people stop using their brains after high school, which leads to diminished capabilities. I see myself as a MMORPG character and life as one big MMO. I continually learn new things to increase my stats so that when I hit level 100 I can solo the boss in the dungeon.

Quite a few of these scams would lose some teeth if call spoofing was outlawed.

Not really, your laws don't apply to other countries around the globe (until you "liberate" us, that is). They could easily spoof a US number from India, or failing that, spoof a more plausible country like Canada. US laws won't stop that.

Quite a few of these scams would lose some teeth if call spoofing was outlawed.

Not really, your laws don't apply to other countries around the globe (until you "liberate" us, that is). They could easily spoof a US number from India, or failing that, spoof a more plausible country like Canada. US laws won't stop that.

Correct although even in a packet network there can be the notion of "borders" which is how Iran and China get away with what they do. A VoIP call (which most of the scammers use) coming in showing an identity (callerID) within those borders would be suspect.

However, my favorite is internet service providings, where a guy pranks the unsuspecting victim and tries to get them to switch internet service providings to a better internet service provider to provide better internet service providings.

My nearly seventy year old grandmother has received a couple of these (we've had abou three or four in the last few years), and has generally just hung up on them.Seems fine - but the best bit was that she doesn't actually a own a computer: put one in front of her and she looks as though you've told her to perform delicate neurosurgery. So she told them, these people from "Windows" that she doesn't actually own a computer, multiple times. Apparently she was lying and they know better! They absolutely refused to accept that she just did not own any sort of computer. And so she hung up.

Old people can learn to live in the real world just as easy as any of the rest of us. Hell, since most of them are retired, they have nothing but time to devote to learning more and improving their skills. It's what I'd do. Whether they want to, or not, isn't what's being argued. They have the ability to improve themselves, if they choose not to exercise it then they'll continue to be preyed upon.

[sarcasm]Well. I guess you didn't get raisins this morning in your breakfast oatmeal!

What a feckless, (look at definition #2) cowardly, heartless psychotic you are! I'm recruiting for a phone scam business and you sound perfect as manager for our phone bank![/sarcasm]

Exactly. Very few people would fall for this if it was for their bank account, but somehow because it involves computers their brains turn off.

Meh ... the Windows intro walk-through doesn't exactly go into detail about the Event Viewer. Computers are complicated, and social engineering works. The more complicated something is, the more someone really wants to believe a person is trying to help them with it. Not everyone can be a computer tech hobbyist (or professional), just as not everyone can be a rocket scientist, brain surgeon, daycare worker or artist.

What's helpful is to always believe the worst in people and assume that anyone who tries to help you out of the blue is probably out to get you. This goes for all corporate employees and double for politicians.

How can you reasonably expect someone like this [stereotype/cliche grandparent] to magically know that this sort of phone call is a scam?

Because real companies don't call you out of the blue to charge you for a problem you didn't know you had.

If "Ford" called your grandfather to tell him he had to take his car to his local mechanic (for imaginary or unecessary repairs) before his wheels fell off, would you be so sympathetic? What makes it suddenly so different when it's a different kind of machine? Computer are full of magic, now? You must "magically know that this sort of phone call is a scam"?

Yes, because when Ford does find a potentially dangerous problem, they have to launch a recall campaign and notify everyone to whom an affected vehicle is registered. And they say exactly that -- "We've discovered a problem that may exist on your vehicle. Please bring it to your nearest Ford dealer".

There is a very inexpensive defense against these scum - a program that integrates a smart modem with voice capabilities and a database of known scammers' phone numbers. When a call is detected it reads the caller ID information and compares that to your local black list and then the online blacklist. If it matches (actually it can also match on the name presented through caller ID too) it can play a sound file that starts with the TelCO invalid number tones, and then hangs up. The program is called PhoneTrayPro. There are a bunch of modems it supports and has a very active support forum. Their website is at http://www.phonetray.com

DISCLAIMER: I do not work for Traysoft or any of it's affiliates, I am just a *very* satisfied customer. I liked it so much I set it up on my wife's business line as well.

caller ID on phones should Never be able to be turned off and should be illegal to spoof an ID number (or not have an Valid caller ID

problem in the UK is the mind set is if i have Ex-directory that they assume they Must also have caller ID withheld enabled as well as (its annoying to me as get customers ringing me and they have no caller ID so cant ring them back)

I got a call from one of them claiming to be Microsoft and that there was something wrong with my computer. I hung up after telling them this scam was all over the net and they called back trying to claim it wasn't a scam and total them I had a Mac and that I didn't have ANY Microsoft software on my machine (true as my 2004 version of Office broke with Lion). They called back a third time but didn't say anything (making it a harassing call) and I hung up. They didn't call back a fourth time.

I find it unfortunate how ignorant some of you people are. You accuse these people as being "gullible" and stupid yet it is you who have no comprehension of the plight of today's elderly (the main targets of these scams) who are increasingly being encouraged/required to use new technologies yet given little, if any, help before they get into trouble. Have you such a limited concept of human beings that you can't conceive of anyone that thinks differently than you do and as such may be quite innocently susceptible to problems that you find humorously simple to resolve? So often it is those who point and laugh that are the truly ignorant. Do you know what empathy is?

Old people can learn to live in the real world just as easy as any of the rest of us. Hell, since most of them are retired, they have nothing but time to devote to learning more and improving their skills. It's what I'd do. Whether they want to, or not, isn't what's being argued. They have the ability to improve themselves, if they choose not to exercise it then they'll continue to be preyed upon.

You know, the issue really isn't that they don't know much about the computer. Really, it comes down to growing up in an era when trust was extended more because the people you interacted with were right there in the room (or outside) with you. If they cheated you, you knew where they worked and could make the situation right either via legal or other means. With technology growing by leaps and bounds we (unfortunately) now have to interact and deal with people we will never meet. These people often feel very safe trying to scam us because they generally are pretty darn sure we can't find them or get their identity. The whole trust scenario changes. Just like the Greater Internet Fuckwad Theorem - which in part tells us that anonymity breeds assholes. It may be true that older people in general don't know as much about computers. But the bigger issue is that they grew up in an era of face to face contact breeding better behavior than we get now that technology allows us to connect to darn near anyone in the world anonymously. They have trouble changing trust models from "these are probably trustworthy people and if they aren't I can fix it" to "these guys are only calling me because they want to take my money". I imagine some new stuff will come about by the time we all get old and it will probably throw us for a loop too.

Nice theory but totally wrong because these type of long distance scams have been going one for a LONG time. Before the phone there was mail--in fact one of the biggest scams resulted in the current mail system where you pay to send (rather than receive) a letter.

The Nigerian scam is nothing more than the old pigeon drop with a flesh coat of paint. The painful reality is these are all confidence tricks going back to 1849 and William Thompson.

Did nobody research that this whole scam generates out of Kolkata in India? ALL of the mentioned companies are originating from Kolkata! The defendants are all from Kolkata! And the websites are ALL still active as of Oct. 4th 2012. So much for a toothless injunction from the FTC.....

Well realistically, short of a cruise missile or predator strike what exactly do you expect the US Government to do? It's a foreign country, sure the State Dept can put pressure on the Indian Government to stop this kind of crap, but they may not be breaking any laws in India.

I expect the FTC not to say they closed down websites when its not true! All of the named "services" and websites were active and running when I checked. In their press release the FTC claimed to have taken action. I saw none. And the boys do break laws in India.

Is this "crackdown" forcing the scammers to focus on other countries than the US? I've gotten three calls this week alone (located in Sweden).

Him: "I can see that you have viruses on your computer."Me: "How do you know it's my computer? What's the IP address?"Him: "The IP address is confidential."Me: "But it's my IP, how can it be confidential?"Him: [Angry] "It is!"

Just got a call at my mother-in-law's. Frank, claiming he was calling from Microsoft support, that a computer at our address had been sending error reports... when I started asking how they knew it was from our address they got evasive, I asked for their information and they gave a call-back number - +91 9748223797. I stated that Microsoft would have a 1-800 or 1-877 number not an overseas number, and they told me to use a cell phone to call that number to confirm it, then started saying i was a "mother-f***er if you do not call it right away." Clearly a scam, probably tied to racking up phone charges, potentially to hacking the SIM card in a cell phone I would call from.

I wonder if anybody has ever left a complaint at Microsoft about their service reps calling them motherfuckers over the phone. "He seemed so nice at first, calling me to tell me that my computer was broken, but then he used very rude language."

But yeah, there are basically two possibilities with that scenario. 1. Telephone fee fraud.2. Fake "antivirus" botnet client.

Maybe both! The fact that he wanted you to call back suggests the former though, but I wouldn't put it past them to try to get you to download some botnet client and install it on your machine while you're racking up a huge phone bill.

One of my clients fell for this scam. Unfortunately, he paid over $500 to the scammers. When he refused to pay any more, they actually locked the computer, told him he wouldn't be able to use his computer anymore, and hung up on him.

He brought the tower to me and when I booted Windows, it asked for a password before it even got to the login screen. I pulled the hard drive and ran several scans and wasn't able to find any malicious software, but I still couldn't get past that stupid password prompt. Safe mode still asked for it and so did the last known good configuration boot mode.

Finally, I pulled registry files from the Snapshot folder and replaced the ones in the Config folder. I hope this helps someone if they too are stuck with something like this.